## Configuração para torrent.partidopirata.org
server {
  listen 80;
  listen [::]:80;
  server_name torrent.partidopirata.org;
  return 301 https://torrent.partidopirata.org$request_uri;
}

## SSL
server {
  listen 443 ssl;
  listen [::]:443 ssl;
  server_name torrent.partidopirata.org;
  index index.html;

  # Use large keepalive timeout for faster subsequent connections
  keepalive_timeout 150;

  # SSL configuration
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
        ssl_ecdh_curve secp384r1;
        ssl_session_cache shared:SSL:10m;
        ssl_session_tickets off;
        ssl_stapling on;
        ssl_stapling_verify on;
        resolver 208.67.220.220 208.67.222.222 valid=300s;
        resolver_timeout 5s;
        add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
        add_header X-Frame-Options SAMEORIGIN;
        add_header X-Content-Type-Options nosniff;
        ssl_certificate /etc/letsencrypt/live/partidopirata.org-0001/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/partidopirata.org-0001/privkey.pem;
        ssl_trusted_certificate /etc/letsencrypt/live/partidopirata.org-0001/chain.pem;

  # Allow file uploads
  client_max_body_size 1200M;

  # Only retry if there was a communication error, not a timeout
  # on the app server (to avoid propagating "queries of death"
  # to all frontends)
  proxy_next_upstream error;

  # If node has an error then nginx will intercept it if there is
  # an error_page directive for that error code. So far, just doing
  # this for 50x errors.
  proxy_intercept_errors on;

  # Serve the root from node
  location / {
    proxy_pass_header Server;
    proxy_set_header Host $http_host;
    proxy_redirect off;
    #proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_pass http://127.0.0.1:4000;
    proxy_intercept_errors on;
    error_page 501 502 503 504 /50x.html;
  }

  ## TODO: Alguém escreve uma página pra erros 50x?
  # Serve 500 file
  #location = /50x.html {
  # root /home/feross/www/instant.io/static;
  #}
}

## Tor
server {
  listen 127.0.0.1:42912;
  allow 127.0.0.1;
  deny all;

  server_name twebheztijgt5qhj.onion;
  index index.html;

  # Use large keepalive timeout for faster subsequent connections
  keepalive_timeout 150;

  # Allow file uploads
  client_max_body_size 1200M;

  # Only retry if there was a communication error, not a timeout
  # on the app server (to avoid propagating "queries of death"
  # to all frontends)
  proxy_next_upstream error;

  # If node has an error then nginx will intercept it if there is
  # an error_page directive for that error code. So far, just doing
  # this for 50x errors.
  proxy_intercept_errors on;

  # Serve the root from node
  location / {
    proxy_pass_header Server;
    proxy_set_header Host $http_host;
    proxy_redirect off;
    #proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_pass http://127.0.0.1:4000;
    proxy_intercept_errors on;
    error_page 501 502 503 504 /50x.html;
  }

  ## TODO: Alguém escreve uma página pra erros 50x?
  # Serve 500 file
  #location = /50x.html {
  # root /home/feross/www/instant.io/static;
  #}
}

